IN THE CLAIMS 

Please amend the claims as follows: 
1-21. (Canceled). 

22. (Currently Amended) The method of claim [[21]] 26, wherein the home 
network comprises a firewall proxy. 

23. (Currently Amended) The method of claim [[21]] 26, further comprising: 
for traffic between the client and the home network server, tunneling the 

encapsulated packets is based on the security association between the home network 
server and the client. 

24. (Original) The method of claim 23, wherein establishing the security 
association between the home network server and the client comprises: 

at the client, authenticating the home network server; 
at the home network server, authenticating the client; 

establishing a secure channel for negotiations between the client and the home 
network server; and 

using the secure channel, negotiating security parameters to establish the 
security association between the client and the home network server, wherein the 
security parameters comprise an encryption method, an integrity method, and a lifetime 
of the security association. 

25. (Original) The method of claim 23, wherein the tunneling of the 
encapsulated packets comprises: 

for outbound traffic, at the relay server, decapsulating the encapsulated packets; 
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at the relay server, encapsulating the decapsulated packets using the 
client's new Internet Protocol address; and 

at the relay server, transmitting the encapsulated decapsulated packets to 
the client; and 

for inbound traffic, at the relay server, decapsulating the encapsulated packets; 

at the relay server, encapsulating the decapsulated packets using the 
home network server Internet Protocol address; and 

at the relay server, transmitting the encapsulated decapsulated packets to 
the home network server. 

26. (Currently Amended) [[The]] A method of c l a i m 21, establishing and 
maintaining secure communications between a home network server that is associated 
with a home network and a client when the client roams from the home network to a 
new location outside of the home network, the method comprising: 

at the client, establishing a new Internet Protocol address associated with the 
new location, wherein the client has a permanent Internet Protocol address associated 
with the home network; 

at the client, transmitting a registration message, to a relay server that is coupled 
to the home network server, wherein the registration message identifies the new 
Internet Protocol address associated with the permanent Internet Protocol address; 

at the relay server, authenticating the registration message; 

at the relay server, encapsulating the registration message: 
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at the relay server, transmitting the encapsulated registration message to the 
home network server; 

establishing a security association between the home network server and the 
relay server; 

at the home network server, registering the new Internet Protocol address as a 
care-of-address for the client; 

at the home network server, transmitting a reply message to the client confirming 
registration of the new Internet Protocol address as the care-of address for the client, 
thereby establishing a tunnel between the home network server and the client via the 
relay; 

establishing a security association between the home network server and the 
client inside the tunnel; 

at the home network server, performing network address translation between the 
permanent IP address and the new Internet Protocol address for packets addressed to 
the client; and 

at the home network server, encapsulating the packets that are addressed to the 
client based on the security association between the home network server and the 
client, 

wherein establishing the security association between the home network server 
and the relay server comprises: 

at the relay server, authenticating the home network server; 
at the home network server, authenticating the relay server; 
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establishing a secure channel for negotiations between the relay server and the 
home network server; and 

using the secure channel, negotiating security parameters to establish the 
security association between the relay server and the home network server, wherein the 
security parameters comprise an encryption method, an integrity method, and a lifetime 
of the security association. 

27. (Currently Amended) The method of claim [[21]] 26, wherein the tunnel 
between the home network server and the relay is an encrypted tunnel. 

28. (Currently Amended) The method of claim [[21]] 26, wherein the tunnel 
between the home network server and the client is an encrypted tunnel. 

29. (Canceled). 

30. (Currently Amended) The method of claim [[29]] 31_, wherein the home 
network comprises a firewall proxy. 

31 . (Currently Amended) [[The]] A method of cla i m 29, establishing and 
maintaining secure communications between a home network server that is associated 
with a home network and a client when the client roams from the home network to a 
new location outside of the home network, the method comprising: 

at the client, establishing a new Internet Protocol address associated with the 
new location, wherein the client has a permanent Internet Protocol address associated 
with the home network; 
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at the client, transmitting a registration message to the home server, wherein the 
registration message identifies the new Internet Protocol address associated with the 
permanent Internet Protocol address; 

at the home network server authenticating the registration message; 

at the home network server, registering the new Internet Protocol address as a 
care-of-address for the client; 

at the home network server, transmitting a reply message to the client confirming 
registration of the new Internet Protocol address as the care-of address for the client, 
thereby establishing a tunnel between the home network server and the client; 

establishing a security association between the home network server and the 
client via the tunnel; 

at the home network server, encapsulating the packets that are addressed to the 
client based on the security association between the home network server and the 
client; 

for outbound traffic to the client, at the home network server, encapsulating the 
packets addressed to the client; 

tunneling the encapsulated packets to the client, based on the security 
association between the home network server and the client, and the client's new 
Internet Protocol address; 

at the client, decapsulating the encapsulated packets; 

for inbound traffic to the home network server, at the client, encapsulating the 
packets addressed to the home network server; 
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tunneling the encapsulated packets to the home network server, based on the 
security association between the client and the home network server; and 

at the home network server decapsulating the encapsulated packets, 

wherein establishing the security association between the home network server 
and the client comprises: 

at the client, authenticating the home network server; 

at the home network server, authenticating the client; 

establishing a secure channel for negotiations between the client and the home 
network server; and 

using the secure channel, negotiating security parameters to establish the 
security association between the client and the home network server, wherein the 
security parameters comprise an encryption method, an integrity method, and a lifetime 
of the security association. 

32. (Canceled). 

33. (Currently Amended) [[The]] A method of cla i m 32, establishing and 
maintaining secure communications between a home network server that is associated 
with a home network and a client when the client roams from the home network to a 
new location outside of the home network, the method comprising: 

at the client, establishing a new Internet Protocol address associated with the 
new location, wherein the client has a permanent Internet Protocol address associated 
with the home network, and the home network comprises a firewall; 
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at the client, transmitting a registration message in HTTP Request-Format to a 
relay server that is coupled to each of the client and the home network server, wherein 
the registration message identifies the new Internet Protocol address, and the relay 
server is located on a public side of the firewall; 

at the relay server, authenticating the registration message; 

at the relay server, encapsulating the registration message in at least one first 
user datagram protocol packet; 

establishing a security association between the home network server and the 
relay server; 

at the relay server, transmitting the at least one first user datagram protocol 
packet through the firewall to the home network server; 

at the home network server, registering the new Internet Protocol address as a 
care-of-address for the client; 

at the home network server, generating a reply message and encapsulating the 
reply message in at least one second user datagram protocol packet, wherein the reply 
message confirms registration of the new Internet Protocol address as the care-of 
address for the client; 

at the home network server, transmitting the at least one second user datagram 
protocol packet to the relay server; 

at the relay server, translating the at least one second user datagram protocol 
packet into HTTP Response-Format to generate a translated reply message; 
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at the relay server, upon a request from the client, transmitting the translated 
reply message to the client; 

at the home network server, performing network address translation between the 
permanent Internet Protocol address and the new Internet Protocol address for packets 
addressed to the client; 

at the home network server, encapsulating the packets that are addressed to the 

client; 

at the home network server, tunneling the encapsulated packets to the relay 
server based on the security association between the home network server and the 
relay server, and the network address translation between the permanent Internet 
Protocol address and the new Internet Protocol address; 

at the relay server, decapsulating the encapsulated packets; and 

at the relay server, transmitting the decapsulated packets to the client, 

wherein establishing the security association between the home network server 
and the relay server comprises: 

at the relay server, authenticating the home network server; 

at the home network server, authenticating the relay server; 

establishing a secure channel for negotiations between the relay server and the 
home network server; and 

using the secure channel, negotiating security parameters to establish the 
security association between the relay server and the home network server, wherein the 
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security parameters comprise an encryption method, an integrity method, and a lifetime 
of the security association. 

34. (Currently Amended) [[The]] A method of claim 32, establishing and 
maintaining secure communications between a home network server that is associated 
with a home network and a client when the client roams from the home network to a 
new location outside of the home network, the method comprising: 

at the client, establishing a new Internet Protocol address associated with the 
new location, wherein the client has a permanent Internet Protocol address associated 
with the home network, and the home network comprises a firewall; 

at the client, transmitting a registration message in HTTP Reguest-Format to a 
relay server that is coupled to each of the client and the home network server, wherein 
the registration message identifies the new Internet Protocol address, and the relay 
server is located on a public side of the firewall; 

at the relay server, authenticating the registration message; 

at the relay server, encapsulating the registration message in at least one first 
user datagram protocol packet; 

establishing a security association between the home network server and the 
relay server; 

at the relay server, transmitting the at least one first user datagram protocol 
packet through the firewall to the home network server; 

at the home network server, registering the new Internet Protocol address as a 
care-of-address for the client; 
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at the home network server, generating a reply message and encapsulating the 
reply message in at least one second user datagram protocol packet, wherein the reply 
message confirms registration of the new Internet Protocol address as the care-of 
address for the client; 

at the home network server, transmitting the at least one second user datagram 
protocol packet to the relay server; 

at the relay server, translating the at least one second user datagram protocol 
packet into HTTP Response-Format to generate a translated reply message; 

at the relay server, upon a reguest from the client, transmitting the translated 
reply message to the client; 

at the home network server, performing network address translation between the 
permanent Internet Protocol address and the new Internet Protocol address for packets 
addressed to the client; 

at the home network server, encapsulating the packets that are addressed to the 

client; 

at the home network server, tunneling the encapsulated packets to the relay 
server based on the security association between the home network server and the 
relay server, and the network address translation between the permanent Internet 
Protocol address and the new Internet Protocol address; 

at the relay server, decapsulating the encapsulated packets; and 

at the relay server, transmitting the decapsulated packets to the client, 
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wherein establishing the security association between the home network server 
and the client comprises: 

at the client, authenticating the home network server; 
at the home network server, authenticating the client; 

establishing a secure channel for negotiations between the client and the home 
network server; and 

using the secure channel, negotiating security parameters to establish the 
security association between the client and the home network server, wherein the 
security parameters comprise an encryption method, an integrity method, and a lifetime 
of the security association. 

35. (Currently Amended) The method of claim [[32]] 34, wherein the tunnel 
between the home network and the client is an encrypted tunnel. 

36. (Canceled). 

37. (Currently Amended) The method of claim [[36]] 38, further comprising: 
for further outbound traffic to the client, at the home network server, 

encapsulating the packets addressed to the client; 

tunneling the encapsulated packets to the client via the multiplexer 
system, based on the security association between the home network server and 
the client; and 

at the client, decapsulating the encapsulated packets; and 
for further inbound traffic to the home network server, at the client, encapsulating 
the packets addressed to the home network server; / 
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tunneling the encapsulated packets to the home network server via the 
multiplexer, based on the security association between the client and the home 
network server; and 

at the home network server, decapsulating the encapsulated packets. 

38. (Currently Amended) [[The]] A method of cla i m 36, establishing and 
maintaining secure communications between a home network server that is associated 
with a home network and a client when the client roams from the home network to a 
new location outside of the home network, comprising: 

at the client, establishing a new Internet Protocol address associated with the 
new location, wherein the client has a permanent Internet Protocol address associated 
with the home network, and the home network comprises a firewall and a multiplexer 
system; 

at the client, transmitting a registration message in HTTP Request-Format to the 
firewall, wherein the registration message identifies the new Internet Protocol address; 

at the firewall, authenticating the registration message; 

at the firewall, transmitting the registration message to the multiplexer system; 

at the multiplexer system, encapsulating the registration message in at least one 
first user datagram protocol packet; 

at the multiplexer system, transmitting the at least one first user datagram 
protocol packet to the home network server; 
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at the home network server registering the new Internet Protocol address as a 
care-of-address for the client; 

at the home network server, generating a reply message and encapsulating the 
reply message in at least one second user datagram protocol packet, wherein the reply 
message confirms registration of the new Internet Protocol address as the care-of 
address for the client; 

at the home network server, transmitting the at least one second user datagram 
protocol packet to the multiplexer system; 

at the multiplexer system, translating the at least one second user datagram 
protocol packet into HTTP Response-Format to generate a translated reply message; 

at the multiplexer system, transmitting the translated reply message to the client; 

establishing a security association between the home network server and the 

client; 

establishing an encrypted tunnel between the home network server and the 

client; 

at the home network server, performing network address translation between the 
permanent IP address and the new Internet Protocol address for packets addressed to 
the client; 

at the home network server, encapsulating the packets that are addressed to the 

client; 

at the home network server, tunneling the encapsulated packets to the client 
based on each of the security association between the home network server and the 
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client and the network address translation between the permanent Internet Protocol 
address and the new Internet Protocol address; and 

at the client, decapsulating the encapsulated packets, 

wherein establishing the security association between the home network server 
and the client comprises: 

at the client, authenticating the home network server; 
at the home network server, authenticating the client; 

establishing a secure channel for negotiations between the client and the home 
network server; and 

using the secure channel, negotiating security parameters to establish the 
security association between the client and the home network server, wherein the 
security parameters comprise an encryption method, an integrity method, and a lifetime 
of the security association. 

39. (Currently Amended) The method of claim [[36]] 38, wherein the tunnel 
between the home network and the client is an encrypted tunnel. 
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